#
adf418d8 |
|
10-Apr-2024 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Lower verbosity of cert message for GP When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
adf418d8 |
|
10-Apr-2024 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Lower verbosity of cert message for GP When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
adf418d8 |
|
10-Apr-2024 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Lower verbosity of cert message for GP When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
adf418d8 |
|
10-Apr-2024 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Lower verbosity of cert message for GP When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
adf418d8 |
|
10-Apr-2024 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Lower verbosity of cert message for GP When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
adf418d8 |
|
10-Apr-2024 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Lower verbosity of cert message for GP When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
adf418d8 |
|
10-Apr-2024 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Lower verbosity of cert message for GP When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
adf418d8 |
|
10-Apr-2024 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Lower verbosity of cert message for GP When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
adf418d8 |
|
10-Apr-2024 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Lower verbosity of cert message for GP When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
adf418d8 |
|
10-Apr-2024 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Lower verbosity of cert message for GP When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
adf418d8 |
|
10-Apr-2024 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Lower verbosity of cert message for GP When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
adf418d8 |
|
10-Apr-2024 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Lower verbosity of cert message for GP When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
adf418d8 |
|
10-Apr-2024 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Lower verbosity of cert message for GP When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
adf418d8 |
|
10-Apr-2024 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Lower verbosity of cert message for GP When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
adf418d8 |
|
10-Apr-2024 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Lower verbosity of cert message for GP When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
adf418d8 |
|
10-Apr-2024 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Lower verbosity of cert message for GP When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
adf418d8 |
|
10-Apr-2024 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Lower verbosity of cert message for GP When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
adf418d8 |
|
10-Apr-2024 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Lower verbosity of cert message for GP When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
adf418d8 |
|
10-Apr-2024 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Lower verbosity of cert message for GP When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
adf418d8 |
|
10-Apr-2024 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Lower verbosity of cert message for GP When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
adf418d8 |
|
10-Apr-2024 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Lower verbosity of cert message for GP When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
adf418d8 |
|
10-Apr-2024 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Lower verbosity of cert message for GP When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
adf418d8 |
|
10-Apr-2024 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Lower verbosity of cert message for GP When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
adf418d8 |
|
10-Apr-2024 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Lower verbosity of cert message for GP When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
adf418d8 |
|
10-Apr-2024 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Lower verbosity of cert message for GP When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
adf418d8 |
|
10-Apr-2024 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Lower verbosity of cert message for GP When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
adf418d8 |
|
10-Apr-2024 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Lower verbosity of cert message for GP When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
adf418d8 |
|
10-Apr-2024 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Lower verbosity of cert message for GP When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
adf418d8 |
|
10-Apr-2024 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Lower verbosity of cert message for GP When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
adf418d8 |
|
10-Apr-2024 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Lower verbosity of cert message for GP When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
adf418d8 |
|
10-Apr-2024 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Lower verbosity of cert message for GP When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
adf418d8 |
|
10-Apr-2024 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Lower verbosity of cert message for GP When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
adf418d8 |
|
10-Apr-2024 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Lower verbosity of cert message for GP When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
adf418d8 |
|
10-Apr-2024 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Lower verbosity of cert message for GP When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
adf418d8 |
|
10-Apr-2024 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Lower verbosity of cert message for GP When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
adf418d8 |
|
10-Apr-2024 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Lower verbosity of cert message for GP When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
adf418d8 |
|
10-Apr-2024 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Lower verbosity of cert message for GP When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
adf418d8 |
|
10-Apr-2024 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Lower verbosity of cert message for GP When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
adf418d8 |
|
10-Apr-2024 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Lower verbosity of cert message for GP When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
adf418d8 |
|
10-Apr-2024 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Lower verbosity of cert message for GP When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
adf418d8 |
|
10-Apr-2024 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Lower verbosity of cert message for GP When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
adf418d8 |
|
10-Apr-2024 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Lower verbosity of cert message for GP When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
adf418d8 |
|
10-Apr-2024 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Lower verbosity of cert message for GP When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
adf418d8 |
|
10-Apr-2024 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Lower verbosity of cert message for GP When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
adf418d8 |
|
10-Apr-2024 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Lower verbosity of cert message for GP When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
adf418d8 |
|
10-Apr-2024 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Lower verbosity of cert message for GP When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
ac23bb63 |
|
31-Oct-2023 |
Tom Rini <trini@konsulko.com> |
ti: k3: Drop <common.h> usage None of these files need <common.h> to be included, drop it. Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
a94a4071 |
|
01-Nov-2023 |
Nishanth Menon <nm@ti.com> |
tree-wide: Replace http:// link with https:// link for ti.com Replace instances of http://www.ti.com with https://www.ti.com Signed-off-by: Nishanth Menon <nm@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
c97ed47b |
|
25-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
mach-k3: security: improve the checks around authentication The following checks are more reasonable as the previous logs were a bit misleading as we could still get the logs that the authetication is being skipped but still authenticate. Move the debug prints and checks to proper locations. Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
44dab785 |
|
13-Jul-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arch: mach-k3: security: fix the check for authentication Fix regression occurred during refactoring for the mentioned commit. Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
bd6a2475 |
|
17-May-2023 |
Manorit Chawdhry <m-chawdhry@ti.com> |
arm: mach-k3: security: separate out validating binary logic K3 GP devices allows booting the secure binaries on them by bypassing the x509 header on them. ATF and OPTEE firewalling required the rproc_load to be called before authentication. This change caused the failure for GP devices that strips off the headers. The boot vector had been set before the headers were stripped off causing the runtime stripping to fail and stripping becoming in-effective. Separate out the secure binary check on GP/HS devices so that the boot_vector could be stripped before calling rproc_load. This allows keeping the authentication later when the cluster is on along with allowing the stripping of the binaries in case of gp devices. Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee") Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f392860c |
|
06-Apr-2023 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: Remove empty sys_proto.h include This header file is now empty, remove it. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b0931d1b |
|
06-Oct-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Use dma-mapping for cache ops This matches how this would be done in Linux and these functions do the alignment for us which makes the code look cleaner. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
b661c1bc |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Remove certificate if detected on GP device If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
a0379c6f |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Bypass image signing at runtime for GP devices We can skip the image authentication check at runtime if the device is GP. This reduces the delta between GP and HS U-Boot builds. End goal is to re-unify the two build types into one build that can run on all device types. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
e1ef04fb |
|
15-Jul-2022 |
Andrew Davis <afd@ti.com> |
arm: mach-k3: security: Allow signing bypass if type is HS-FS On HS-FS devices signing boot images is optional. To ease use we check if we are HS-FS and if no certificate is attached to the image we skip the authentication step with a warning that this will fail when the device is set to security enforcing. Signed-off-by: Andrew Davis <afd@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
547b277c |
|
11-Jun-2021 |
Tero Kristo <t-kristo@ti.com> |
arm: mach-k3: add support for detecting firmware images from FIT Add callback routines for parsing the firmware info from FIT image, and use the data to boot up ATF and the MCU R5 firmware. Signed-off-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
481d394e |
|
11-Jun-2021 |
Lokesh Vutla <lokeshvutla@ti.com> |
common: fit: Update board_fit_image_post_process() to pass fit and node_offset board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
f7ae49fc |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
4d72caa5 |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop image.h from common header Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
90526e9f |
|
10-May-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop net.h from common header Move this header out of the common header. Network support is used in quite a few places but it still does not warrant blanket inclusion. Note that this net.h header itself has quite a lot in it. It could be split into the driver-mode support, functions, structures, checksumming, etc. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
29a4a9f1 |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
95b256ec |
|
07-Jan-2020 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: security: Clean image out of cache before authentication On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually A53 or A72). The large ARMs are coherent with the DMA controllers and the SYSFW that perform authentication. And previously the R5 core did not enable caches. Now that R5 does enable caching we need to be sure to clean out any of the image that may still only be in cache before we read it using external DMA for authentication. Although not expected to happen, it may be possible that the data was read back into cache after the flush but before the external operation, in this case we must invalidate our stale local cached version. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
db41d65a |
|
28-Dec-2019 |
Simon Glass <sjg@chromium.org> |
common: Move hang() to the same header as panic() At present panic() is in the vsprintf.h header file. That does not seem like an obvious choice for hang(), even though it relates to panic(). So let's put hang() in its own header. Signed-off-by: Simon Glass <sjg@chromium.org> [trini: Migrate a few more files] Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|
#
78e51212 |
|
08-Sep-2019 |
Lokesh Vutla <lokeshvutla@ti.com> |
arm: k3: Use get_ti_sci_handle() where ever possible Instead of calling uclass apis everywhere, use get_ti_sci_handle() when ever ti_sci is needed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
|
#
3a543a80 |
|
11-Apr-2019 |
Andrew F. Davis <afd@ti.com> |
arm: mach-k3: Add secure device support K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
|